WordPress.org

Make WordPress Core


Ignore:
Timestamp:
01/22/2008 07:35:19 PM (12 years ago)
Author:
ryan
Message:

Refactor login. see #5405

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/user.php

    r6391 r6643  
    11<?php
     2
     3function wp_signon( $credentials = '' ) {
     4    if ( empty($credentials) ) {
     5        if ( ! empty($_POST['log']) )
     6            $credentials['user_login'] = $_POST['log'];
     7        if ( ! empty($_POST['pwd']) )
     8            $credentials['user_password'] = $_POST['pwd'];
     9        if ( ! empty($_POST['rememberme']) )
     10            $credentials['remember'] = $_POST['rememberme'];
     11    }
     12
     13    if ( !empty($credentials['user_login']) )
     14        $credentials['user_login'] = sanitize_user($credentials['user_login']);
     15    if ( !empty($credentials['user_password']) )
     16        $credentials['user_password'] = trim($credentials['user_password']);
     17    if ( !empty($credentials['remember']) )
     18        $credentials['remember'] = true;
     19    else
     20        $credentials['remember'] = false;
     21
     22    // If no credential info provided, check cookie.
     23    if ( empty($credentials['user_login']) && empty($credentials['user_password']) ) {
     24            $user = wp_validate_auth_cookie();
     25            if ( $user )
     26                return new WP_User($user);
     27
     28            if ( !empty($_COOKIE[AUTH_COOKIE]) )
     29                return new WP_Error('expired_session', __('Your session has expired.'));
     30
     31            // If the cookie is not set, be silent.
     32            return new WP_Error();
     33    }
     34
     35    if ( empty($credentials['user_login']) || empty($credentials['user_password']) ) {
     36        $error = new WP_Error();
     37
     38        if ( empty($credentials['user_login']) )
     39            $error->add('empty_username', __('<strong>ERROR</strong>: The username field is empty.'));
     40        if ( empty($credentials['user_password']) )
     41            $error->add('empty_password', __('<strong>ERROR</strong>: The password field is empty.'));
     42        return $error;
     43    }
     44
     45    do_action_ref_array('wp_authenticate', array(&$credentials['user_login'], &$credentials['user_password']));
     46
     47    $user = wp_authenticate($credentials['user_login'], $credentials['user_password']);
     48    if ( is_wp_error($user) )
     49        return $user;
     50
     51    wp_set_auth_cookie($user->ID);
     52    do_action('wp_login', $credentials['user_login']);
     53    return $user;
     54}
    255
    356function get_profile($field, $user = false) {
     
    1669// TODO: xmlrpc only.  Maybe move to xmlrpc.php.
    1770function user_pass_ok($user_login,$user_pass) {
    18     $userdata = get_userdatabylogin($user_login);
    19     return wp_check_password($user_pass, $userdata->user_pass);
     71    $user = wp_authenticate($user_login, $user_pass);
     72    if ( is_wp_error($user) )
     73        return false;
     74
     75    return true;
    2076}
    2177
Note: See TracChangeset for help on using the changeset viewer.